Management of Organizational Model 231 for a company that operates in digitalization services in the healthcare sector

"Having an automated and integrated solution for the management of Model 231 is a value in line with our business where full transparency and documentability of each phase, especially the risk assessment and the consequent action plan, are essential elements"

Board of Statutory Auditors

The Need

Update of the organization, management and control model pursuant to Legislative Decree 231/01 through a careful analysis of the risks by process in order to define and manage an effective and structured action plan aimed both at covering the risks of committing the crime and to the continuous improvement of the internal control system.

The Solution

Customization of the KRC® standard 231 form through an activity of:

  • Analysis of Model 231 and documentation (procedures, reports, organization charts) existing at the date in order to identify the correct scope of intervention
  • Meetings with management to collect the information necessary for contextualising sensitive Activities and for the Risk Assessment. Direct upload to form 231 for the immediate setting of a correct and effective Action Plan and for the subsequent phases of updating the 231 Model
  • Generation of the General Part and Special Parts of Model 231
  • Activation of the "OdV Management" module to support the specific activities of the Control Body
  • Generation of reporting with particular reference to risk assessment and action plan
  • Training and assistance to the Supervisory Body

Benefits

With the adoption of the 231 model, the customer has an engineered solution, in line with the provisions of the category guidelines, capable of:

  • Document and track each phase of the 231 compliance process at any time
  • Make a document repository available to support the assessment phases (procedures, reports, information flows, system of powers, Model 231, Code of Ethics, Anti-corruption Plan)
  • Carry out and update the risk assessment in a structured way based on Integrated Risk Management (IRM) logics
  • Define a gap analysis adhering to company needs and objectives and have an Action Plan that, in addition to responding to compliance needs, supports the entire corporate internal control system
  • Produce dynamic documents and reporting consistent with the analyzes and assessments made
  • Support the activities of the Supervisory Body and channel requests into a structured improvement and updating plan
  • Optimize and reduce the cost of compliance thanks to the integration to and from the company internal control system